1:1 NAT Weirdness
-
Hi All,
I've searched around haven't found any answers…
I am relocating my small data center from one building to another over a L3 link and want to keep the same subnets at the new building to avoid re-address and creating new FW rules/objects...
I setup 1:1 NAT on pfSense at my new site with a 10.30.x.x WAN range to map to internal subnets of 172.16.x.x and various 192.168.x.x. Right now on the LAN side of my pfSense I have some servers with 172.16.x.x. waiting until we fail-over.
The 1:1 NAT works from 192.168.x.x subnets but not from my 172.16.x.x range. If the subnet exists at both locations it freaks out and hangs. I thought the whole point of the 1:1 NAT was to not worry about this type of thing.
192.168.x.x. --> 10.30.x.x -->NAT-->172.16.x.x = WORKS!
172.16.x.x --> 10.30.x.x.-->NAT-->172.16.x.x = Not working...Any ideas would be appreciated.
-
172.16.x.x –> 10.30.x.x.-->NAT-->172.16.x.x = Not working...
Ok think about it for a second.. So 172.16.a.b talks to 10.30.x.y -- this gets sent to 172.16.c.d
Now how does 172.16.c.d talk back to 172.16.a.b?? To him that is on his network, so why would he send the traffic back to his gateway?
-
Thanks for your reply. I forgot to mention that I have another interface on pfsense that has the IP of the gateway, but as you point out, it will never try to talk to it. Even adding a static route on 172.16.c.d won't help if it still thinks it's local to that subnet.
Is there anyway to do this then? I really want to avoid re-addressing.
